Evidence of meeting #120 for Procedure and House Affairs in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was csis.
A video is available from Parliament.
11:20 a.m.
Liberal
Mona Fortier Liberal Ottawa—Vanier, ON
Who, according to you, is responsible for informing parliamentarians of attempted cyber-attacks like the one that occurred?
11:20 a.m.
Director, Canadian Security Intelligence Service
CSIS, in partnership with its colleagues, assumed that as soon as work began with the House of Commons, the House authorities would inform the MPs. This didn't happen for various reasons.
I know that the conditions under which it happened were complex; it was during the COVID-19 pandemic. There were all kinds of restrictions on who would be present at the office, which complicated meetings. It was before the vaccine was available. Canadian Security Intelligence Service employees were in the office throughout the pandemic, which contributed to some of the confusion in the allocation of tasks.
Having said that, I believe we should all just ask ourselves how we could handle things better in the future.
11:20 a.m.
Liberal
Mona Fortier Liberal Ottawa—Vanier, ON
It seems to me that there are sometimes a lot of cooks in the kitchen. We should try to find a recipe to follow and establish who does what. I think that's what we're trying to understand about the threat that occurred.
11:20 a.m.
Director, Canadian Security Intelligence Service
Mr. Chair, that is indeed true.
When there are national security issues, CSIS usually takes the lead. In the case we are talking about, the national security threat was detected by our partners at the Canadian Centre for Cyber Security. So at the outset, the analysis was more technical.
Once again, we assumed that when the House of Commons authorities were informed, they would be the ones to pass the information on to the parliamentarians. That didn't happen.
We'll rely on the outcome of the committee's work, and take steps as an agency to arrange for the various spheres of activity to work together and analyze how to work closely with our partners to achieve good results, regardless of who does the actual work.
11:25 a.m.
Liberal
Mona Fortier Liberal Ottawa—Vanier, ON
Do you think that only one of these three organizations can speak to parliamentarians? Are there situations in which these three organizations, or perhaps two of them, should share their information with them to keep them properly informed?
11:25 a.m.
Director, Canadian Security Intelligence Service
Mr. Chair, from 2021 to 2024, the discussion surrounding national security and foreign interference changed dramatically in Canada.
I shouldn't speculate here, but in future there could well be an entity responsible for communicating information of this kind to parliamentarians. It could be the House of Commons, given its special relationship with parliamentarians, working together with CSIS and the CSE, both of which could also be involved. This would ensure that the best possible information is communicated to parliamentarians as quickly as possible to enable them not only to protect themselves, but also make the right decisions.
11:25 a.m.
Liberal
Mona Fortier Liberal Ottawa—Vanier, ON
In closing, for the parliamentarians themselves, when someone has not been contacted in the proper manner, for example, are you informed? Were you so informed in the situation under discussion? Do you follow up with parliamentarians following an incident, no matter what happened? Do you think that's important?
11:25 a.m.
Director, Canadian Security Intelligence Service
As I mentioned, in the case under discussion, when parliamentarians have been targeted by an APT31 cyber-attack, it wasn't done that way. As I mentioned in my opening address, we are accordingly going to work with our partners to ensure that we have all learned from this situation.
11:25 a.m.
Bloc
Marie-Hélène Gaudreau Bloc Laurentides—Labelle, QC
I think we've just pinpointed something as a result of the previous questions. There is no entity that takes control to prevent what we experienced. We may have been only speculating, but I think doing so is essential.
On several occasions, Mr. Chair, Mr. Vigneault said, “we assumed”. One should never assume. I'm always saying that.
Mr. Vigneault, can you reassure me by telling me that since this incident, memoranda have been systematically sent to the minister responsible?
11:25 a.m.
Bloc
Marie-Hélène Gaudreau Bloc Laurentides—Labelle, QC
So if someone is on vacation, let's say, it won't end up in the wastebasket. If there's an important memo, it will be read and not treated as a minor alert. I'd like assurance on that.
11:25 a.m.
Director, Canadian Security Intelligence Service
Mr. Chair, I can assure the member that CSIS is working in partnership with Public Safety Canada to make sure that won't happen. The minister was very clear about that.
11:25 a.m.
Bloc
Marie-Hélène Gaudreau Bloc Laurentides—Labelle, QC
As for us, our role is to legislate, and I see that the act contains several items that place limits on what you can do. For us to be able to do our work, we have to know what you need.
Take a few moments to talk to us about that. I'm sure it's something you've thought about.
11:25 a.m.
Director, Canadian Security Intelligence Service
Mr. Chair, as I mentioned in my opening remarks, the House is indeed currently studying a bill to modernize certain aspects of the Canadian Security Intelligence Service Act, Bill C‑70.
It's interesting to look at things with a bit of hindsight. The act came into force in 1984, in the middle of the Cold War, following a commission of inquiry whose role was to review certain activities of the organization that had been responsible for national security at the time. To me, it looked like a rather defensive bill. Its purpose was to prevent certain lapses from recurring.
In my humble opinion, the circumstances that existed in 1984 no longer apply in 2024. The world has changed. Canada's image has changed and the threats we are facing have changed, not only in terms of complexity and the number of stakeholders responsible, but also the impact they have on the everyday lives of Canadians and Quebeckers.
The sharing of information amendments proposed in Bill C‑70, which is currently being studied by Parliament, are absolutely essential. Their purpose is to simplify part of our data system, and the way we obtain orders from the Federal Court, while maintaining judicial authorizations. I'm sure that these changes will have a very direct impact on Canadians.
As Minister LeBlanc said, it was a first step, and other efforts would be required in future to modernize the Canadian Security Intelligence Service Act. Once again, when the time comes to protect Canadians against threats, it's important to know that the methods used by those who contrive them can change very quickly. We therefore have to make sure that we're not lagging behind these changes.
11:30 a.m.
Bloc
Marie-Hélène Gaudreau Bloc Laurentides—Labelle, QC
I'm somewhat worried about how long the legislative process takes. We are now working on Bill C‑70. By the time the amendments come into force, will the act still be effective and will it still address our needs?
It's urgent to do something right now. I believe we all agree on that. Can we succeed in providing measures as quickly as possible so that you have the tools you need?
At our most recent meetings, witnesses told us that they were all restricted to their respective sandboxes, in isolation, without being able to speak to the others. I even told a few of them last week that I'd like to be their client, because then I'd be able to get some information. I'm certainly not getting it now from House Administration, and I don't know if they're ever going to give us any information.
We need recommendations because I feel that Bill C-70 will be outdated by the time it's adopted.
What do you think?
11:30 a.m.
Director, Canadian Security Intelligence Service
I think Ms. Gaudreau has put her finger on something rather important.
As a public servant, I'll allow myself to make the following comment.
When discussing matters of national security, it's important, to the greatest extent possible, not to politicize them. We need to be flexible in order to find a way to modernize the various statutes as soon as possible.
Technological changes are accelerating and we depend to an enormous extent on communication systems. Some companies have been changing their procedures and methods. A lot of work is also being done on access to telecommunications data.
What I'd like to see is a parliamentary committee which, instead of studying complex omnibus bills, regularly invites witnesses to appear and asks them about databases, progress in combatting threats, and how to address needs as quickly as possible. That's my message to the committee.
11:30 a.m.
Bloc
11:30 a.m.
Liberal
The Chair Liberal Ben Carr
Thank you, Ms. Gaudreau.
Ms. Mathyssen, it's over to you for six minutes.
June 11th, 2024 / 11:30 a.m.
NDP
Lindsay Mathyssen NDP London—Fanshawe, ON
Thank you to the witnesses for appearing today.
It's been made clear—you yourself said it, Mr. Vigneault—that the assessment at that time was made; the information was shared and peak communication happened. However, we're constantly learning in a very quickly changing environment that.... Clearly, this is an important matter to raise to show that processes need to change. I appreciate the work that is continuing to be done.
It's important moving forward to think about those bigger issues. I know I'm focused on them. I'm clear in terms of where we need to go as a committee, but the questions I have are within a bigger scope.
I want to talk about the NSICOP report.
There was a shocking confirmation that proxies of Modi's government interfered in two recent Conservative leadership.... This isn't new information. The bureau reported two years ago on a 2022 intelligence assessment by CSIS.
The report stated:
Government of India agents appear to have interfered in the Conservative's 2022 leadership race by purchasing memberships for one candidate while undermining another, and also boasted of funding “a number of politicians at all levels of government,”
The same week, Baaz reported that a Conservative member of Parliament was approached by a Government of India proxy to rescind their support for one of the candidates.
Can you tell this committee, or confirm, that the intelligence taken by CSIS was shared with that NSICOP report?
11:35 a.m.
Director, Canadian Security Intelligence Service
Mr. Chair, with all due respect to the member's question, I will not be able to comment on leaked information to the media. That said, I can assure the member that we have shared and testified to all of the information that was relevant to the committee's review.
I will ask Mr. Basler, who is our counter-foreign interference coordinator, to speak about the volume and depth of our information sharing.
11:35 a.m.
Bo Basler Director General and Coordinator, Foreign Interference, Canadian Security Intelligence Service
Thank you, Director.
Yes, NSICOP certainly had access to any and all service information outside of some that was redacted for cabinet confidences, but any of our classified intelligence was made available to the committee. As well, a number of officials appeared before the committee to be interviewed and answer direct questions throughout their review. They also had all the information that was given to the independent special rapporteur when he was doing his review. The same information has gone to the National Security and Intelligence Review Agency as well as the public inquiry.
There are four separate reviews that have had access to, I think, at last count, at least from the service, over 8,000 documents that have been shared with the review committees.
11:35 a.m.
NDP
Lindsay Mathyssen NDP London—Fanshawe, ON
At the beginning of this year, PressProgress reported that CSIS was investigating foreign interference in the nomination race for a candidate from Oxford. They cited that local Conservative Party officials had been interviewed by CSIS and local Conservative activists were visited by CSIS officials.
I ask the same questions in terms of whether it was shared with NSICOP. I understand not wanting to comment on leakages, but the fact that these leaks continue to happen must be concerning. I don't want to ask about the specifics of that, but overall, we're talking about these processes and we're talking about leaks and we're talking about improvements. Can you talk about the first bit of the question and the second?